Quote:
Originally posted by Pragma
Yea, both WEP and WPA are bad for security - though WPA isn't as bad as WEP. The only way to be sure is to secure with IPsec. You should be able to find lots of info through Google on how to do that.
|
Actually, that's not entirely true.
WPA used properly completely mitigates all known hacking attacks on wireless networks.
WPA comes in two modes; EAP based and WPA-PSK.
WPA-PSK (Pre Shared Key) is the method that small home networks will use. It's basically a framework for key management that allows your AP and station (ie laptop) to regularly regenerate brand new keys. The basis of this is the "Pre Shared Key" you enter on each (the AP and the client). If you follow the original specifications and use a key that is long (ie, 14+ chars, but ideally 20 chars) and is not a common dictionary word that could be easily guessed, then you are fine.
A good example would be something like "1q2w3e4r5t6yKID994#@"
In other words, some random or pseudo-randon string.
WPA also introduces TKIP (Temporal Key Integrity Protocol), MIC (Message Integrity Check) and BKR (Broadcast Key Rotation).
All of these features combined make your wireless network very secure against all but the most sophisticated and high-powered attack; in other words 99.9% of normal "opportunistic hacking attempts".
The IEEE is due to ratify 802.11i in July which completely replaces WEP with AES (Advanced Encryption Standard) which is currently the "gold standard" in network encryption. In September, the WiFi Alliance are due to publish the WPA2 standard and start testing in their labs. WPA2 is simply a marketing term for 802.11i so as not to freak non-technical users with too many strange sounding standards (the "alphabet soup" of 802.11 standards).
So, in summary, WPA is entirely safe (as long as you use a decent key length and avoid easily guessed words).
If anyone wants more information on this or associated wireless networking topics, please feel free to ask.
Mr Mephisto